Tren De Aragua

Tren de Aragua (TdA; Spanish for "the train of Aragua") is a Venezuelan transnational criminal organization, described in the provided content as originating as a Venezuelan prison gang and later expanding internationally. The content states that the U.S. government designated TdA as a Foreign Terrorist Organization in 2025, while also noting that internal U.S. government records and a National Intelligence Council assessment reflected significant uncertainty about whether TdA operated in the United States as a coherent, centrally directed organization or was directly controlled by the Maduro government. Based on the content, TdA-linked activity in the United States has included a large-scale ATM jackpotting campaign using Ploutus malware. U.S. prosecutors alleged that TdA members and leaders physically accessed ATMs, conducted surveillance and alarm-response testing, installed Ploutus via hard-drive swaps or USB devices, forced ATMs to dispense cash, deleted evidence, laundered proceeds, and generated millions of dollars in illicit revenue. The content states that U.S. authorities charged 54, and later 87, alleged TdA members and associates in related indictments. The FBI also alleged that fugitive Anibal Alexander Canelon Aguirre led cyberattacks against U.S. financial institutions on behalf of TdA and was the alleged mastermind behind malware used by the group. The content further attributes to TdA a broader criminal portfolio including murder, assault, drug trafficking, firearms trafficking, kidnapping, robbery, theft, fraud, extortion, human smuggling, sexual exploitation, and money laundering across the Western Hemisphere. Internal U.S. records cited in the content characterize TdA-linked activity in the U.S. as fragmented and profit-driven, including burglaries, ATM jackpotting, delivery-app fraud, and low-level narcotics sales, with no clear evidence of centralized command or political motive. Known aliases in the content include TdA and Tren De Aragua.